From owner-freebsd-current  Tue May 21 10:12:57 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id KAA11057
          for current-outgoing; Tue, 21 May 1996 10:12:57 -0700 (PDT)
Received: from MindBender.HeadCandy.com (root@[199.238.225.168])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id KAA11051
          for <current@freebsd.org>; Tue, 21 May 1996 10:12:53 -0700 (PDT)
Received: from localhost.HeadCandy.com (michaelv@localhost.HeadCandy.com [127.0.0.1]) by MindBender.HeadCandy.com (8.7.5/8.6.9) with SMTP id KAA15825; Tue, 21 May 1996 10:06:34 -0700 (PDT)
Message-Id: <199605211706.KAA15825@MindBender.HeadCandy.com>
X-Authentication-Warning: MindBender.HeadCandy.com: Host michaelv@localhost.HeadCandy.com [127.0.0.1] didn't use HELO protocol
To: "Charles C. Figueiredo" <marxx@apocalypse.superlink.net>
cc: "Brett L. Hawn" <blh@nol.net>, current@freebsd.org
Subject: Re: freebsd + synfloods + ip spoofing 
In-reply-to: Your message of Tue, 21 May 96 07:18:54 -0400.
             <Pine.BSF.3.91.960521071632.1399B-100000@apocalypse.superlink.net> 
Date: Tue, 21 May 1996 10:06:34 -0700
From: "Michael L. VanLoon -- HeadCandy.com" <michaelv@HeadCandy.com>
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


>> >and the such need to generate their own headers. Besides, unless your
>> >clueless losers and lame crackers gain root, they can't open raw sockets.

>> Any PC with an ethernet card on the network can open "raw" packets.

>	You're right, that was my point exactly. User's on his servers aren't
>going to be opening raw sockets, like was mentioned. It's a raw socket, 
>not a packet.

>> And they might not even have to be there while the sniffer collects
>> data.  I've seen the consequences first-hand.

>	This has absolutely nothing to do with sniffing, we're talking about
>IP spoofing + TCP sequence number generation/prediction, get it straight.

Whatever.  For many people, sniffing is just part one of spoofing.
Once you're that far, there isn't a whole lot left to get to spoofing.

-----------------------------------------------------------------------------
  Michael L. VanLoon                                 michaelv@HeadCandy.com
        --<  Free your mind and your machine -- NetBSD free un*x  >--
    NetBSD working ports: 386+PC, Mac 68k, Amiga, Atari 68k, HP300, Sun3,
        Sun4/4c/4m, DEC MIPS, DEC Alpha, PC532, VAX, MVME68k, arm32...
    NetBSD ports in progress: PICA, others...

   Roll your own Internet access -- Seattle People's Internet cooperative.
                  If you're in the Seattle area, ask me how.
-----------------------------------------------------------------------------